The goal of the warranty is to "promote the adoption of proactive risk management strategies and security policy compliance to protect the nation's critical computer networks from cyberattack"

Last week, Citadel Security Software announced it would start offering customers a warranty against losses due to security breaches of systems protected by the company's enterprise vulnerability management and policy enforcement products.

The warranty is based on the company's ability to provide timely, accurate and effective remedies to protect customers' networks within 24 hours. In the event that a system protected by the company's products is breached, the company will compensate the customer for losses up to the amount of the customer's investment in Citadel products.

The warranty, provided in partnership with the insurance company AIG, protects organizations with investments in Citadel security products for up to a year after the product purchase, according to Citadel CEO, Steve Solomon. However, the warranty is not extended to current customers unless they purchase additional Citadel software, he said.

The company is offering the warranty because it wants to "promote the adoption of proactive risk management strategies and security policy compliance to protect the nation's critical computer networks from cyberattack," according to a Citadel news release.

Solomon hopes that the warranty can offer prospective customers who are displeased with their current security software and wary about making new investments the peace of mind that Citadel stands behind its products and will compensate its customers for damage done to their business if Citadel doesn't live up to the service agreement signed with the customer.

An analyst and a policy maker both praised Citadel's announcement.

Phebe Waterfield, Senior Analyst at Yankee Group called Citadel's security guarantee as "an important first for the maturing security industry."

U.S. Senator John Cornyn said Citadel's announcement of the warranty indicated the private sector could respond to issues concerning national and economic security without being required to do so by the government. "This is a creative solution to the cyber security problem and signals a new direction in the willingness of software makers to guarantee the performance of their products," he said.